2014-11-03

question the cook book

Security is a process. It keeps the bits and pieces together over time - risk, requirements and testing. Case closed? Maybe not.

Legacy systems, management priorities and sourcing are three examples of circumstances that challenge our theories and force us to question the cook book.

What do you do when the terrain simply doesn't match the map? Be flexible. Don't lose the process - you will be needing it more than ever! - but identify hurdles, prioritize which ones to confront, mitigate and adapt.